Skip to main content
NetApp Knowledge Base

Unable to add/modify nasgroup principal in ONTAP S3 bucket policy with "Failed to look up NAS group"

Views:
224
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9.14.1+
  • ONTAP S3 storage VM
  • LDAP fast bind mode for S3 user authentication

Issue

  • Unable to add/modify a nasgroup principal in the 'bucket policy' and receiving error "Failed to look up NAS group"
  • Command and error example
    • filer::> bucket policy add-statement -vserver svm1_cluster1 -bucket svm1-bucket -effect allow -action GetObject -principal nasgroup/noGidDef
        (vserver object-store-server bucket policy add-statement)
      
      Error: command failed: Failed to look up NAS group "nasgroup/noGidDef" specified in the object store bucket policy principal. Unix group-name to gid lookup failed with error:
             Failed to resolve group name to a UNIX ID. Reason: "SecD Error: object not found". Windows group-name to sid lookup failed with error: Failed to convert Windows name to
             SID. Reason: "SecD Error: object not found".
      
      

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.